Internet explorer 8 has a flaw that allows remote users tospooff the domain name in 'ieframe.dll' wen is set to 'acr_error.htm' in res: uri handler a remote user can compose a Bad link thats shows in domain name for examplegoogle.com , but wen click in the link it goes to other site (spooffing)